My ramblings about all things technical

Category Archives: Automation

Recently a number of customers have been coming to Dell EMC asking for us to help them with Infrastructure as Code solutions that will allow them to use DevOps methodologies such as CI/CD to provision to multi-cloud environments such as Azure,AWS,Google Cloud and on-premises solutions. These kinds of solutions are becoming more and more prevalent in my experience and although they don’t fit for all companies the capabilities of IaC are undeniable and will allow many companies to stay relevant and allow them to go to market much quicker and in a much more automated manner.

So alike to a lot of resources I post on this blog I started collating all the learning resources I could so that I could learn all about the possibilities of IaC and the various methods it could be accomplished. I have built the below list and will be adding to it over time. Also do keep an eye out on the vBrownbag as we plan to do many more IaC sessions very soon

The first place I started was to read this book to understand IaC better. This book was really good and was so easy to read that the Client Solutions Director I was working on an RFP response with for a customer read half of it and found it extremely helpful for him to understand IaC from a sales perspective and gave him the ability to talk to it confidently

Next was a blog posting by a fellow vBrownbag (and the OG of the vBB crew who created vBrownbag) Cody Bunch all about using Terraform with vSphere.

Speaking about AWS there are case studies and whitepapers I read about capabilities of IaC with AWS that were really helpful in my understanding. There is also a really good Cloud Academy lab you can do to learn some of the CloudFormation pieces here.

Knowledge

Evaluate logical performance considerations for a given vRealize Automation solution.

Performance considerations will be the number of virtual machines the solution has to provide sufficient resources for as well as future growth (20% growth over the next 3 years) . This is very much like vSphere sizing but now with the speed with which solutions can be created, modified and deleted especially if you are doing CDCI you need to also prepare for the number of continuous deployments and workflows at once. For example a DEM worker can only process 15 concurrent workflows at a time so if you are likely to be doing 60 workflows simultaneously due to the lifecycle of your machines then you are going to need at least four DEM workers to be deployed to handle this.

Performance also entails using mechanisms such as Storage DRS to automatically load balance provisioned workloads as they are requested, DRS to load balance the workloads across the hosts in the solution and performance of the vRA management components by isolating them in a management cluster, ensuring they are load balanced so one side isn’t always hit and the other is doing nothing. They don’t mention it in the tools but for this section and the exam as a whole I would recommend reading the latest vCAT documentation as well as the vRA 6.2 Reference Architecture document .

Differentiate infrastructure qualities related to performance.

Just like I have mentioned for the availability and management sections, the infrastructure quality for performance will need to be applied to certain requirements and designs decisions in the exam via drag and drop questions (I have done the exam so I am basing this on experience) . The performance infrastructure quality is defined as:

Indicates the effect of a design choice on the performance of the environment. This does not necessarily reflect the impact on other technologies within the infrastructure.

Key metrics:

Response time

Throughput

Analyze the current performance of an environment and address gaps when building a logical design.

So this is down to you deploying the vRA solution in an existing environment where there are workloads running and you need to analyse the performance of the environment to ascertain if the environment meets the performance requirements or if additional resources/another environment is required for the solution to work.

There are a number of methods to do this:

Get a VMware partner or VMware to run an analysis via VMware Capacity Planner to work out what your current environment is doing.

Use vRealize Operations Manager to give you a current state analysis as well as use historical data to work out trends and if there are month end increases in performance requirements or seasonal increases depending on the company’s business.

vSphere performance charts can also give you a not bad idea of what is happening if the above two aren’t possible as well as 3rd party tools.

Use a conceptual design to create a logical design that meets performance requirements.

In the conceptual design you will have defined and signed off the requirements. In these requirements there should be a number of them that apply to the performance infrastructure quality for example “The solution must be able to support the provisioning of 500 workloads a day” and “the solution must be able to service 5000 workloads with a 20% increase year on year for the next five years”

You will also have requirements where due to BC/DR requirements you will need spare capacity in the event of a failure so for example “The production workloads in Site A which makes up 20% of the 5000 workloads need to run on the secondary site in the event of a planned or emergency failover” .

Determine performance-related functional requirements based on given non-functional requirements and service dependencies.

Non-functional requirements are normally constraints imposed by the customer so for example the customer has defined you have to use existing networking in the datacentres and these are only 1GB switches which will severely impact what is possible from the solution. So if we keep to my example then having a service dependency that needs to talk to a physical SQL server where large amounts of data is transferred between the services to the database a single 1 GB link won’t be sufficient so either the service will have to be scaled down or the SQL database created as part of the service to allow inter virtual switch connectivity thereby allowing higher network throughputs.

Incorporate scalability requirements into the logical design.

This has been covered above already but what they are looking for is for you to design for future growth of the environment as the number of workloads increases and/or the amount of workload requests increases. The vRealize Automation reference architecture document also gives great coverage of scalability

Determine a performance component for service level agreements and service level management processes.

I covered this in the availability section where you have done a business impact analysis and worked out what theirs RPO and RTO values are. Part of availability also ties into performance as if the solution is running so slowly that users can’t use it then the service is essentially down and SLA’s are possibly not being met.

Knowledge

Evaluate which management services can be used with a given vRealize Automation Solution.

Management of vRealize Automation is achieved via various methods and solutions. You have management of the underlying vSphere infrastructure via the vSphere client and web client, management and monitoring of both vSphere and vRA via vRealize Operations with management packs for vRA, logging via vRealize LogInsight, change management via third part CMDB tools as well as VMware tools such as vRealize Configuration Manager and Hyperic.

There is also the standard vRA management via the vRA portal and the VAMI portals for management of the vRealize Appliances. I haven’t done the exam but based on previous exam experience I would make sure you know what tabs and options there are for all the vRA VAMI portals.

Differentiate infrastructure qualities related to management.

I partly covered this in the previous 2.3 posting, what they are likely to do from previous experience ( I have not done the exam nor the beta) is to give you a whole bunch of infrastructure qualities and you have to match them up. Manageability is all about ease of management and having the most optimal amount of manageability without impacting other infrastructure qualities or any of the requirements.

Build interfaces into the logical design for existing operations practices.

My take on what they are looking for here is that the customer you are doing the design for has existing operations practices and solutions and you need to take these into account and then design the solution to meet these. So for example if the customer has a CMDB and every time a machine is requested, built, edited and destroyed CI’s need to be passed to the CMDB to track these changes. Another example is syslogging and setting up syslog’s to go to a customer existing logging solution. Reading through the reference architecture and getting an understanding of what kinds of external solutions and services you might need to plug in to is great prep for this. Also adding the vRA management to AD,NTP,SNMP and DNS is very applicable and is required for all deployments (maybe not SNMP for every one)

Address operational readiness deficiencies.

This is where either the customers IT team who are going to look after the solution when you leave aren’t skilled up enough or they don’t have anyone to manage it at all (I’ve seen both in my experience). To fix this knowledge transfer workshops are required, or to link to the manageability infrastructure quality you simplify management as much as possible and try use their existing management mechanisms if they fit so allow easier management of the solution building on existing knowledge. You can also put it as a constraint the lack of existing knowledge to manage the solution and the risk mitigation is training of the team via formal training or learning from yourself and/or the person deploying the solution. You should also read the recommended Operational Readiness Assessment document from VMware.

Define Event, Incident and Problem Management practices.

These are where the logging of the solution and the management of the solution by tools such as vROps, LogInsight, vSphere alarms and event management via 3rd party tools such as Arcsight. The use of LogInsight and vROps is a great combination as they integrate brilliantly together and with the use of the management packs for vRA and LogInsight give amazing manageability of events, incident and problems with intelligent alarms. These can also be tracked by tools such as Service Now which is a fairly popular option for large enterprises in my experience and VMware have even written blogs about the integration http://blogs.vmware.com/management/2015/01/integrating-vrealize-automation-servicenow.html

Determine request fulfilment and release management processes.

Request fulfilment I am taking as the fulfilment of all the required parameters to provision as service from the vRA catalogue. You would do this via the service design that you have done for each service where you have defined what parameters need to be fed in and that incorrect values aren’t inserted to ensure service requests are successful. In regards to ASD this is where you make sure the request form is using optimal selection boxes to make sure letters aren’t used where only number should be inserted and drop down lists are used so that only applicable options can be selected.

Release management would also be done in the service design document although it might be the same across all the service offerings or might differ per service offering based on the lifecycles. This would be the definition of when new blueprints are published, where they are published, who they are published to and version control.

Define change management processes based on business requirements.

Change management can be done via logging to ensure if any changes are made they are tracked, this can also be done via the Service Now method I mentioned earlier as well as change management via vRealize Configuration Manager. During design workshops you should ascertain what change management processes they need to follow and then make sure those are met via usage of API’s to the CMDB solution or logging to LogInsight or Arcsight for example.

Based on customer requirements, identify required reporting assets and processes.

Very much like above the customer will define what kind of reporting they are looking for or what you think they should be getting and then producing these reports via tools such as vROps or LogInsight. For the exam I think they are going to have certain reporting requirements given to you such as the Infrastructure manager wants to get a daily report around any alerts that were found in vRA for the past day or sent an email if an alarm is triggered in vRA.

Knowledge

Evaluate dependencies for infrastructure and application services that will be included in a vRealize Automation design.

One of vRealize Automations biggest selling points is its ability to provision various services and applications be they single tier services or multi-tier services including load balancers and network isolation via NSX. When you are creating a vRealize Automation design for your customers they will have a number of services and applications in mind that they want to make available for consumption via vRA. You job and the point of this section is that you need to discovery and evaluate all of the required infrastructure and application services required.

This can either be existing infrastructure needed by the applications or due to company policies so for example if you are provisioning multiple machines to test code and then commit it back depending on the success or failure then that existing infrastructure might be something like GIT. Or it might need to be tracked via a CMDB so an existing CMDB needs to be available and able to be communicated with via the infrastructure so that it can be logged and tracked. The infrastructure may also be something that needs to be created as part of the service so something like an NSX edge to isolate a service from existing services every time they are deployed would then need to be created as part of the service.

There are various ways to do this and from my experience doing a few normally allows you to cover it pretty well. These are:

· Interviews with existing service owners to understand how it is done at present (if it is being done at present that is)

· Existing documentation around service design if available.

· Design workshops with the current users of a service offering as well as the companies IT team and project sponsors to understand what they want the vRA offering to offer.

· Via usage of VMware vCenter™ Application Discovery Manager which monitors the existing environments, applications and infrastructure and gives you an overview of what the existing services are actually connected to and using for the service. This is a brilliant tool if you have it at your disposal and can also be used in conjunction with vRealize Infrastructure Navigator.

Create Entity Relationship Diagrams that map service relationships and dependencies.

These diagrams are normally created as part of the service design document you should be creating for each service offering you are planning to make available within vRA and so that it is easier to understand what all the interdependencies are between the various components that make up the service.

For the exam they are most likely going to want you to do some drag and drop or even visio style questions for these diagrams so I would make sure you practice creating these kinds of diagrams in visio or paint for applications within your own environment

Analyze interfaces to be used with new and existing business processes.

This is vRealize Infrastructure Navigator work where VIN scans the environment and gives you a mapping of all interfaces that current services are using. There’s a BRILLIANT YouTube video by VMware that covers not just this heading but also the first heading https://www.youtube.com/watch?v=Uu0bGB7bc4A

Determine service dependencies for logical components.

For service dependencies you can use VIN again as the tool to determine this. The video mentioned above gives a great example of exchange dependencies.

Include service dependencies in a vRealize Automation logical design.

Personally I like to create separate design document for each service design rather than stick it into the vRA logical design but these can be portrayed either via the relationship diagrams or via flow charts showing the dependencies along with definitions of all the required components that make up the service offering.

Analyze services to identify upstream and downstream dependencies.

Again this can be done via VIN and Application Discovery Manager where you can ascertain what is required in what order so for example you will need a SQL database instance up and running before you can deploy a web services web servers and application servers.

Navigate logical components and their interdependencies and make decisions based upon all service relationships.

I take it they are looking for you to see a whole bunch of logical components and are told of their interdependencies and for you to then put them in the correct order to ensure it is built correctly.

Knowledge

Evaluate which logical availability services can be used with a given vRealize Automation solution.

For logical availability services this comes down to making sure there are multiple instances of a component if possible and that it is load balanced either via a physical load balancer like F5 or a virtual one like NSX and it is protect via HA and DRS rules are configured for anti-affinity for hosts placement and storage placement. I did a blog posting about designing an enterprise level distributed VRA . As you can see from the diagram I have split out the vRA appliances, IaaS Managers, IaaS Web servers, DEM workers and vSphere Agents and load balanced all the management components via NSX load balancers. The exam is supposedly based on vRA 6.2 so the postgres database is now clusterable between the vRA appliances so it being on an external vRA appliance instance isn’t required anymore.

Analyze a vRealize Automation design and determine possible single points of failure.

I think this is really self-explanatory as you need to understand how a highly available design is achieved and then pick up on any SPOF. For example if the vRA databases are on a SQL installation that isn’t clustered or protected by HA then this is a SPOF.

Determine potential availability solutions for a logical design based on customer requirements.

Create an availability plan, including maintenance processes.

Here is where in an ideal world you have done a Business Impact Analysis and determined what their RTO and RPO values are and then started to work out how various design methods and solutions can ensure these SLA’s are maintained as well as maintenance windows where these SLA’s don’t apply. Rene’s posting I mentioned earlier gives a brilliant amount of ideas of what to think about to ensure availability of a solution.

This is a part of an design where you need to holistically look at the design and ensure if one decision is made it doesn’t cause impacts to requirements or other decisions and if so if it is worth keeping that method or changing the other one. For example if you are requested to provide 99.999% of availability then this is going to cost the customer a serious amount but also some high level solutions are going to be required to ensure this is met which can impact manageability if the current team don’t have the skill set to manage it once you walk out the door.

A number of weeks ago I sat my VCP6-CMA exam (I’ve been working on my VCDX6-CMA submission hence the delay in posting this) after being told that passing one of the hopefully soon to be released VCAP6-CMA exams doesn’t automatically get you the underlying VCP6.

So with three days to go before the exam I managed to sit down and study for the exam. Now this isn’t something would recommend and it wasn’t something I had planned but with my having been working on a very large scale vRA 6 design and deployment for the last 18 months I took a chance. The blueprint covers everything you need to know just like all the other exams and there are no tricks where things aren’t on the blueprint but in the exam.

For study resources I used everything mentioned on my VCP6-CMA page to prepare. The resources available are perfect and the Pluralsight courses as well as the ICM on demand course were integral in my preparations (albeit i had watched these quite a while ago so didn’t re-watch them due to time constraints).

The exam is extremely fair and if you have used vRA for a while either in production, test or in your lab and you learn all the parts on the blueprint around vRA and vRB then you should have no issues passing the exam.

I finished the exam with 20 minutes to spare and got a reasonable 420 out of 500. 🙂

Due to my decision to aim for my VCDX6-CMA this year and thereby to get it in in time for the only VCDX-CMA defence of the year (so far) I have signed up for the VCAP6-CMA Design beta exam. I’ve been working on a very large-scale vRA 6.2 project for the past 14 months and so I hope this experience of designing and building it as well as my preparations via these objectives breakdown (plus my study resources) and using some of my VCDX5-DCV knowledge will help me. So I thought I would slowly post up each objective for my own benefit but also hopefully help other people looking to pass the VCAP6-CMA Design exam (beta or GA).I will be consolidating all the objectives on my blog page here.

Knowledge

Analyze requirements for functional and non-functional elements.

Analysing requirements and determining if they are functional or non-functional is the same method as you would do for the DCD or DTD exams. I mentioned in an earlier objective breakdown that if it is a constraint it is a non-functional requirement. Although the way I always did it for my DCD is that functional is when something should DO something & non-functional is HOW that something should be done. Scott Lowe covers them nicely in his vSphere Design Trainsignal videos.

Build non-functional requirements into a specific logical design.

This I’ll take it that you will be given non-functional requirements such as the usage of certain storage or networking or a front end portal and have to include it in a Visio style diagram. So using the storage one they might say they have iSCSI storage and you have to ensure you have it designed correctly for the usage of this storage.

Translate stated business requirements into a logical design.

Just like I covered in a previous objective you have to take down the objectives in a number of design workshops and interviews and now that they are defined and are accurate and signed off you can apply this into a logical design. So for example if they have stated they want the solution to cover two sites then you will design for maybe a stretched cluster or two instances running with two clustered vRA appliances with one on each site and the underlying vRA infrastructure below it. The vRA reference architecture gives a great overview of different design outlines and methods.

Incorporate the current state of a customer environment into a logical design.

Really straight forward in my opinion. If they say that their environment has certain storage or number of sites or limitations of networking etc then incorporate that into the design. This will have all been collected from design workshops, current state analysis as mentioned in the previous objective and interviews with SME’s.